CERT Guide to Insider Threats Named to Cybersecurity Canon
• Article
April 6, 2016—Palo Alto Networks has announced that the CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes will be inducted into the Cybersecurity Canon in 2016. The book was published by Addison-Wesley Professional in 2012. Two SEI CERT Division researchers, Randall Trzeciak and Andrew Moore, who coauthored the book with Dawn Cappelli, were recognized for their contributions to the field at the Ignite 2016 Cybersecurity Conference on April 4 in Las Vegas, Nevada.
Palo Alto Networks created the canon “to identify a list of must-read books for all cybersecurity practitioners—be they from industry, government or academia—where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.”
Since 2001, the CERT Insider Threat Center has collected and analyzed information about hundreds of insider cybercrimes, ranging from national security espionage to theft of trade secrets. The CERT Guide to Insider Threats describes CERT's findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization.
“What makes the book valuable is that it is backed up with real data,” noted Palo Alto Networks’ Chief Security Officer Rick Howard. “After analyzing some 700 cases, the authors can make reasonable assertions about what might work. The epiphany for me was that the bulk of the recommendations do not fall within the technical realm. More than half fall into the administrative side, which may be why detecting the insider threat is so hard.”